"Whonix is an anonymous general purpose operating system based on Virtual Box, Debian GNU/Linux and Tor. By Whonix design, IP and DNS leaks are impossible. Not even malware with root rights can find out the user's real IP/location. This is because Whonix consists of two (virtual) machines. One machine solely runs Tor and acts as a gateway, which we call Whonix-Gateway. The other machine, which we call Whonix-Workstation, is on a completely isolated network. Only connections through Tor are possible."

"If memory serves, you have to use encrypted traffic on Tor otherwise the Tor's exit gateway can listen to your traffic, do Whonix do something about this point?"

That's true, however tor is designed for anonymity rather than end to end encryption. From what I've read at the Whonix website, it looks like it's nothing more than a bog standard tor node in front of a standard virtual machine running standard browser software.

In theory the virtual machine shouldn't be necessary but it's there just in case the browser could be exploited.

You can take a look at freenet for another kind of solution designed to provide both encryption and anonymity. It even protects from statistical analysis through probabilistic data transfer. However it's extremely inefficient and not really real time.